openstack
/
heat
Code Issues Proposed changes

Merge "Use the AccessInfoPlugin from keystoneclient"

This commit is contained in:
Jenkins 2015-05-01 06:08:35 +00:00 committed by Gerrit Code Review
parent 7dc7db9df6 3be96f7cbe
commit 558a71adf4
2 changed files with 9 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
heat/common/context.py
View File

@ -12,7 +12,7 @@
# under the License.
from keystoneclient import access
from keystoneclient.auth.identity import base
from keystoneclient.auth.identity import access as access_plugin
from keystoneclient.auth.identity import v3
from keystoneclient.auth import token_endpoint
from oslo_config import cfg
@ -33,41 +33,6 @@ from heat.engine import clients
LOG = logging.getLogger(__name__)
# FIXME(jamielennox): I copied this out of a review that is proposed against
# keystoneclient which can be used when available.
# https://review.openstack.org/#/c/143338/
class _AccessInfoPlugin(base.BaseIdentityPlugin):
"""A plugin that turns an existing AccessInfo object into a usable plugin.
In certain circumstances you already have an auth_ref/AccessInfo object
that you just want to reuse. This could have been from a cache, in
auth_token middleware or other.
Turn that existing object into a simple identity plugin. This plugin cannot
be refreshed as the AccessInfo object does not contain any authorizing
information.
:param auth_ref: the existing AccessInfo object.
:type auth_ref: keystoneclient.access.AccessInfo
:param auth_url: the url where this AccessInfo was retrieved from. Required
if using the AUTH_INTERFACE with get_endpoint. (optional)
"""
def __init__(self, auth_url, auth_ref):
super(_AccessInfoPlugin, self).__init__(auth_url=auth_url,
reauthenticate=False)
self.auth_ref = auth_ref
def get_auth_ref(self, session, **kwargs):
return self.auth_ref
def invalidate(self):
# NOTE(jamielennox): Don't allow the default invalidation to occur
# because on next authentication request we will only get the same
# auth_ref object again.
return False
class RequestContext(context.RequestContext):
"""
Stores information about the security context under which the user
@ -180,7 +145,9 @@ class RequestContext(context.RequestContext):
if self.auth_token_info:
auth_ref = access.AccessInfo.factory(body=self.auth_token_info,
auth_token=self.auth_token)
return _AccessInfoPlugin(self._keystone_v3_endpoint, auth_ref)
return access_plugin.AccessInfoPlugin(
auth_url=self._keystone_v3_endpoint,
auth_ref=auth_ref)
if self.auth_token:
# FIXME(jamielennox): This is broken but consistent. If you

9
heat/tests/test_heatclient.py
View File

@ -15,6 +15,7 @@ import json
import uuid
from keystoneclient import access as ks_access
from keystoneclient.auth.identity import access as ks_auth_access
from keystoneclient.auth.identity import v3 as ks_auth_v3
from keystoneclient.auth import token_endpoint as ks_token_endpoint
import keystoneclient.exceptions as kc_exception
@ -26,7 +27,6 @@ from oslo_config import cfg
import six
from heat.common import config
from heat.common import context
from heat.common import exception
from heat.common import heat_keystoneclient
from heat.tests import common
@ -50,7 +50,7 @@ class KeystoneClientTest(common.HeatTestCase):
self.m.StubOutWithMock(kc_v3, "Client")
self.m.StubOutWithMock(ks_auth_v3, 'Password')
self.m.StubOutWithMock(ks_token_endpoint, 'Token')
self.m.StubOutWithMock(context, '_AccessInfoPlugin')
self.m.StubOutWithMock(ks_auth_access, 'AccessInfoPlugin')
dummy_url = 'http://server.test:5000/v2.0'
cfg.CONF.set_override('auth_uri', dummy_url,
@ -117,8 +117,9 @@ class KeystoneClientTest(common.HeatTestCase):
p = ks_token_endpoint.Token(token='abcd1234',
endpoint='http://server.test:5000/v3')
elif method == 'auth_ref':
p = context._AccessInfoPlugin('http://server.test:5000/v3',
mox.IsA(ks_access.AccessInfo))
p = ks_auth_access.AccessInfoPlugin(
auth_url='http://server.test:5000/v3',
auth_ref=mox.IsA(ks_access.AccessInfo))
elif method == 'password':
p = ks_auth_v3.Password(auth_url='http://server.test:5000/v3',